Archive for January 24, 2020

Friday, January 24, 2020

Federico’s Must-Have iOS Apps

Federico Viticci:

Two themes emerged over the second half of 2019, though. First, thanks to various improvements in iOS and iPadOS 13, I increased my reliance on “first-party” Apple apps: I embraced the new Reminders app and its exclusive features, stopped using third-party note-taking apps and moved everything to Notes, and switched back to Apple Mail as my default email client. I’ve written about the idea of comfort in the Apple ecosystem before, and I’ve seen that concept work its way into my app preferences more and more over the course of 2019.

[…]

Following changes to running shortcuts from the Home screen in iOS 13, I realized how much I was going to benefit from the ability to execute commands with the tap of an icon, so I decided to mix and match apps and shortcuts on my Home screens to maximize efficiency.

[…]

This entire story features a collection of the 50 apps I consider my must-haves on the iPhone and iPad, organized in seven categories; whenever possible, I included links to original reviews and past coverage on MacStories.

On the Road to Swift 6

Ted Kremenek:

There are major investments currently underway to improve the core developer experience, such as:

  • Faster builds

  • More informative and accurate diagnostics

  • Responsive code completion

  • Reliable and fluid debugging experience

And many others.

These are crucial endeavors, and they represent most engineering work that is happening in the project right now. They will remain an area of focus until these are nothing short of excellent.

[…]

[There] are three language areas which are particularly important to focus on:

  • Round out capabilities in the language that support building expressive and elegant APIs such as variadic generics and DSL capabilities like function builders

  • Refine Swift’s implementation and capabilities to allow it to be used for low-level systems programming (or in constrained environments) and in important domains like services and machine learning

  • Provide excellent solutions for major language features such as memory ownership and concurrency

Previously:

Setting Up Gitweb on Shared Hosting

Jordan Rose (tweet):

I did get a few recommendations for other places to host Git repositories, but—at least partly inspired by Tom Ryder’s “Why Not GitHub?”—I decided to take the plunge and set up my own hosting.

[…]

According to the Git Book, you’re supposed to grab the latest sources and generate a custom version of the script yourself. What they don’t mention is that pretty much everything you’d customize by generating it yourself is already customizable with a config file.

[…]

The idea to use a RewriteRule is adapted from the gitweb man page, but I’ve made one important change: paths that resolve to real directories are still sent to gitweb.cgi.

[…]

Basically, git doesn’t normally keep around info for clones to work over plain HTTP, but we can generate it up front whenever there’s a push. We use a post-update hook for that.

Previously:

Logitech Limits Harmony Hub Resets

techuck_ (via Hacker News):

After resetting my Hub last night, I was shown a message in the desktop + mobile apps saying my Hub had been disabled and to contact Customer Service. I tried several additional resets, a new Harmony account app re-installs, etc. and the message wouldn’t go away.

Logitech:

Our system will lock out a remote when it has detected excessive additions and deletions of devices to your remote account. Expected use would require only periodic additions/deletions of devices. This time I’ve enabled your remote account. So avoid deleting and adding the devices frequently.

Due to the product Terms of Use. Next time, your remote will no longer be able to make further updates to its configuration, when it gets disabled.

I guess this is to get you to buy the hub that supports more devices, instead of rotating them on the smaller hub.

Shane Morris:

My fridge has an RFID chip in the water filter, which means the generic water filter I ordered for $19 doesn’t work. My fridge will literally not dispense ice, or water.

I have to pay @generalelectric $55 for a water filter from them.

Ryan Sullivan:

Last month I canceled a random charge for $4.99 per month from HP called “InstantInk”. Wasn’t sure what it was for. I’ve had it for over a year but had no idea what it did.

I just found out what it did

[…]

Apparently HP remotely disabled perfectly good ink cartridges because I don’t pay a monthly fee?

Previously:

Using Breakpoints As Bookmarks

Jesse Squires:

Any time I am exploring or getting familiar with a new codebase in Xcode, especially very large projects, I use disabled breakpoints as “bookmarks” to keep track of where I am, where I have been, and things I want to remember or need to revisit. Sometimes I even do this when debugging issues in codebases that I know well.

Previously:

Information Leaks via Safari’s Intelligent Tracking Prevention

Artur Janc et al. (PDF, Hacker News, MacRumors, 9to5Mac):

As part of a routine security review, the Information Security Engineering team at Google has identified multiple security and privacy issues in Safari’s ITP design. These issues have a number of unexpected consequences, including the disclosure of the user’s web browsing habits, allowing persistent cross-site tracking, and enabling cross-site information leaks (including cross-site search). This report is a modestly expanded version of our original vulnerability submission to Apple (WebKit bug #201319), providing additional context and edited for clarity. A number of the issues discussed here have been addressed in Safari 13.0.4 and iOS 13.3, released in December 2019.

This is really clever.

Maciej Stachowiak:

If you’ve seen articles advising you to turn off Intelligent Tracking Prevention in Safari, don’t do it. That is terrible advice. Even if we had no fix for the issues recently disclosed by Google, cookies are a way worse tracking vector than a flaw in ITP could ever be.

On top of that, we have in fact patched the specific vulnerabilities reported to us, and have confirmed this with the researchers.

John Wilander:

We’d like to thank Google for sending us a report in which they explore both the ability to detect when web content is treated differently by tracking prevention and the bad things that are possible with such detection. Their responsible disclosure practice allowed us to design and test the changes detailed above.

Justin Schuh:

It has not [been addressed]. I explained elsewhere that Apple’s blog post was confusing to the team that provided the report. The post was made during a disclosure extension Apple had requested, but didn’t disclose the vulnerabilities, and the changes mentioned didn’t fix the reported issues.

Previously: